Skip navigation
Duo blog header
Product & Engineering

Zero Trust Access Policy Is Complicated. Here’s How to Simplify It.

Do you grapple with complicated access policies, or have you experienced a failed device trust policy deployment? You’re not alone.

The truth is, zero trust access policies can be complicated to deploy, scale, and support. And organizations looking to gain ground in their zero-trust journey are forced to contend with a widening cybersecurity readiness gap. According to the Cisco Cybersecurity Readiness Index, 85% of organizations are not prepared to protect themselves against modern attacks. Security leaders, then, are looking for more efficient ways to lock down their defenses. And they want help from effective zero trust access policies. They just don’t want it to be complicated.

That’s why we at Cisco Duo offer a simple-to-deploy policy for applications, people, and devices that can help mitigate modern security threats and attacks.

Cisco Duo’s recent update to our $3 per user per month edition (now called Duo Essentials) adds an important device trust feature called Trusted Endpoints, which allows businesses to:

  • Distinguish device trust easily by integrating with virtually any third-party device management solution

  • Distinguish trust by application verification using Cisco Duo’s Device Health and Duo Mobile applications

  • Deploy and verify device trust status at a lower cost than out competitors

Accelerate device zero trust with Cisco Duo SSO

The simplest way to implement a device zero trust policy such as Trusted Endpoints is by centralizing the SAML & OIDC Single-Sign-On (SSO) experience with a solution like Cisco Duo SSO. Duo SSO quickly connects to your identity provider of choice and integrates with ANY SAML or OIDC application with dedicated integrations for Microsoft 365, Citrix NetScaler, Cisco AnyConnect (ASA + FirePower), SalesForce, Cisco Webex, and many others.

Learn how to deploy Cisco Duo SSO

Once an application has been integrated, administrators can use Duo Trusted Endpoints to configure policies to validate device trust across a variety of device use cases such as MacOS, Windows, Android, and iOS and require secure authentication methods such as FIDO2 Security Keys, Touch ID, and Verified Duo Push

Here’s an example of a simple policy requiring all devices to be trusted and only allowing enrolled users to authenticate using pre-approved secure authentication methods:

Screenshot of the policy screen for Trusted Endpoints

Learn how to deploy Cisco Duo Trusted Endpoints

Ramp up security without sacrificing productivity

With Cisco Duo SSO, you can easily grant frictionless access to applications while simultaneously enforcing strong zero trust measures across applications, people, and devices. As hybrid and mobile workforces continue to grow, establishing a seamless way to manage multiplying endpoints will streamline security operations and minimize your attack surface.

Start closing your cybersecurity readiness gap. Contact Cisco Duo today.